Imports System.IO
Imports System.Data.SqlClient
Imports System
Imports System.Text
Imports System.Security.Cryptography
Imports System.Runtime.InteropServices
Public Class FrmLogout
    Private Shared DES As New TripleDESCryptoServiceProvider()
    Private Shared MD5 As New MD5CryptoServiceProvider()
    Private Sub btnCancel_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnCancel.Click
        End
    End Sub
    Function GenerateMD5_Pw(ByVal vb4EncryptPW) As Byte()
        Dim md5Hasher As New MD5CryptoServiceProvider()

        Dim hashedBytes As Byte()
        Dim encoder As New UTF8Encoding()

        hashedBytes = md5Hasher.ComputeHash(encoder.GetBytes(vb4EncryptPW))
        GenerateMD5_Pw = hashedBytes


    End Function
    Private Sub Login()

        Dim myCommand As SqlCommand
        Dim SqlConn As New SqlConnection()
        SqlConn = New SqlConnection(GV_CONNETION)
        myCommand = New SqlCommand("spLogin", SqlConn)
        myCommand.CommandType = CommandType.StoredProcedure
        SqlConn.Open()

        myCommand.Parameters.Add("@USERID", SqlDbType.VarChar)
        myCommand.Parameters.Add("@PW", SqlDbType.Binary, 16)
        myCommand.Parameters("@USERID").Value = Trim(txtUserName.Text)
        myCommand.Parameters("@PW").Value = GenerateMD5_Pw(Trim(TxtPw.Text))

        Dim strSPOut As String
        strSPOut = myCommand.ExecuteScalar()
        If strSPOut <> "PASS" Then
            lblErrLog.Visible = True
            lblErrLog.Text = strSPOut
        Else
            lblErrLog.Visible = False
            TxtPw.Text = ""
            GV_USER = GetUserID(Trim(txtUserName.Text)) 'UCase(Trim(txtUserName.Text))
            GetUserName()
            GetUserRight()
            InsertAuditLog()
            If GV_VIEW_ONLY = False Then
                MsgBox("Access denied. Unauthorized user.", MsgBoxStyle.Information, "ATU Scan Appointment System")
                Exit Sub
            Else
                Me.Close()
            End If
        End If

    End Sub
    Function GetUserID(ByVal vUseLoginID)

        Dim SqlConnection1 As New SqlConnection()
        SqlConnection1 = New SqlConnection(GV_CONNETION)
        If SqlConnection1.State = ConnectionState.Closed Then SqlConnection1.Open()
        Dim sqlCmd = New SqlCommand("spGetUserID", SqlConnection1)
        sqlCmd.Parameters.Add("@UserLoginID", SqlDbType.VarChar)
        sqlCmd.Parameters("@UserLoginID").Value = vUseLoginID
        sqlCmd.CommandType = CommandType.StoredProcedure
        Dim rsReader As SqlDataReader
        rsReader = sqlCmd.ExecuteReader()
        If rsReader.Read() Then
            GetUserID = IIf(IsDBNull(rsReader("UserID")), "0", rsReader("UserID"))
        End If
        rsReader.Close()
        SqlConnection1.Close()
    End Function
    Private Sub InsertAuditLog()
        Try
            Dim myCommand As SqlCommand
            Dim vSQL As String
            'Response.Write(e.Item.Cells(4).Text)
            'CONNETION STRING
            Dim SqlConn As New SqlConnection()
            SqlConn = New SqlConnection(GV_CONNETION)
            myCommand = New SqlCommand("spInsertAuditLog", SqlConn)
            myCommand.CommandType = CommandType.StoredProcedure
            SqlConn.Open()

            myCommand.Parameters.Add("@USER_LOGIN", SqlDbType.VarChar)
            myCommand.Parameters.Add("@STATUS", SqlDbType.VarChar)
            myCommand.Parameters("@USER_LOGIN").Value = GV_USER
            myCommand.Parameters("@STATUS").Value = "IN"
            myCommand.ExecuteNonQuery()
            myCommand.Cancel()
            SqlConn.Close()
            myCommand = Nothing
            SqlConn = Nothing

        Catch ex As Exception
            Dim vStrErr As String
            vStrErr = ex.Message & " ||InsertAuditLog||"
            Write_ErrLog(vStrErr)
            Exit Sub
        End Try

    End Sub
    Private Sub GetUserRight()
        'Dim SqlConnection1 As New SqlConnection()
        'SqlConnection1 = New SqlConnection(GV_CONNETION)
        'If SqlConnection1.State = ConnectionState.Closed Then SqlConnection1.Open()
        'Dim sqlCmd = New SqlCommand("spGetUserRight", SqlConnection1)
        'sqlCmd.Parameters.Add("@STAFF_ID", SqlDbType.VarChar)
        'sqlCmd.Parameters("@STAFF_ID").Value = GV_USER
        'sqlCmd.CommandType = CommandType.StoredProcedure
        'Dim rsReader As SqlDataReader
        'rsReader = sqlCmd.ExecuteReader()
        'If rsReader.Read() Then
        '    GV_VIEW_ONLY = IIf(IsDBNull(rsReader("Sec_View")), "TRUE", rsReader("Sec_View"))
        '    GV_ALLOW_EDIT = IIf(IsDBNull(rsReader("Sec_Modify")), "FALSE", rsReader("Sec_Modify"))
        '    GV_ALLOW_DELETE = IIf(IsDBNull(rsReader("Sec_Delete")), "FALSE", rsReader("Sec_Delete"))
        '    GV_ALLOW_PRINT = IIf(IsDBNull(rsReader("Sec_Print")), "FALSE", rsReader("Sec_Print"))
        'End If
        'rsReader.Close()
        'SqlConnection1.Close()
        GV_VIEW_ONLY = True
        GV_ALLOW_EDIT = True
        GV_ALLOW_DELETE = True
        GV_ALLOW_PRINT = True
    End Sub
    Private Sub GetUserName()

        Dim SqlConnection1 As New SqlConnection()
        SqlConnection1 = New SqlConnection(GV_CONNETION)
        If SqlConnection1.State = ConnectionState.Closed Then SqlConnection1.Open()
        Dim sqlCmd = New SqlCommand("spGetUserName", SqlConnection1)
        sqlCmd.Parameters.Add("@STAFF_ID", SqlDbType.VarChar)
        sqlCmd.Parameters("@STAFF_ID").Value = GV_USER
        sqlCmd.CommandType = CommandType.StoredProcedure
        Dim rsReader As SqlDataReader
        rsReader = sqlCmd.ExecuteReader()
        If rsReader.Read() Then
            GV_USERNAME = IIf(IsDBNull(rsReader("UserName")), "", rsReader("UserName"))
        End If
        rsReader.Close()
        SqlConnection1.Close()
    End Sub
    Private Sub Write_ErrLog(ByVal vStrErr)
        'Write error log into errlog.txt
        Dim strAppPath
        strAppPath = Mid(Application.ExecutablePath, 1, InStrRev(Application.ExecutablePath, "\") - 1)

        Dim myStreamWriter As New System.IO.StreamWriter(strAppPath & "\Errlog.txt", True)
        myStreamWriter.WriteLine(Now & "  " & vStrErr)
        myStreamWriter.Flush()
        myStreamWriter.Close()
    End Sub
    Private Sub btnLogin_Click(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles btnLogin.Click
        Login()
    End Sub

    Private Sub TxtPw_KeyDown(ByVal sender As Object, ByVal e As System.Windows.Forms.KeyEventArgs) Handles TxtPw.KeyDown
        If e.KeyValue = 13 Then
            Login()
        End If
    End Sub

    Private Sub TxtPw_TextChanged(ByVal sender As System.Object, ByVal e As System.EventArgs) Handles TxtPw.TextChanged

    End Sub
End Class